Thursday, September 16, 2021

Monitor your backups effectively using Azure Monitor Alerts for Azure Backup

As a backup admin, one of your key responsibilities is to stay on top of all critical backup incidents and ensure that these are routed to the right channels so that timely corrective action can be taken.

 

Azure Backup now offers a new and improved alerting solution built on Azure Monitor to aid you in this regard. With this Azure Monitor integration, you can receive built-in alerts for critical scenarios which can be managed from Azure Monitor as well as Backup center. In addition, you can route these alerts to different notification channels.

 

Benefits of Azure Monitor alerts for Azure Backup

  • Ability to configure notifications to a wide range of notification channels

Azure Monitor supports a wide range of notification channels such as email, ITSM, webhooks, logic apps, and so on. You can configure notifications for backup alerts to any of these channels without needing to spend too much time creating custom integrations.

 

  • Ability to select which scenarios to get notified about

With Azure Monitor alerts, you can choose which scenarios to get notified about. You also have the flexibility to choose whether to enable notifications for test subscriptions or not.

 

  • Ability to manage alerts and notifications programmatically – You can leverage Azure Monitor’s REST APIs to manage alerts and notifications via non-portal clients as well.

 

  • Ability to have a consistent alerts management experience for multiple Azure services including backup – Azure Monitor is the established paradigm for monitoring resources across Azure. With the integration of Azure Backup with Azure Monitor, backup alerts can be managed in the same way as alerts for other Azure services without requiring a separate paradigm.

 

 

 

Alert scenarios

Currently, Azure Backup has made two main categories of built-in alerts available for consumption via Azure Monitor:

  • Security alerts: For scenarios such as deletion of backup data or disabling of soft-delete functionality for a vault, security alerts (of severity Sev 0) are fired by Azure Backup. Security alerts are generated by default and can't be turned off. However, you can control the scenarios for which the notifications (for example, emails) should be fired.
  • Job failure alerts: For scenarios such as backup failure and restore failure, Azure Backup also provides built-in alerts (of Severity Sev 1). Unlike security alerts, you can choose to turn off Azure Monitor alerts for job failure scenarios - for example, if you have already configured custom alert rules for job failures via Log Analytics, and don't need built-in alerts to be fired for every job failure. By default, alerts for job failures are turned off.

Refer to the documentation for more information on supported alert scenarios for each workload type.

 

Notifications

The aforementioned built-in alerts can be consumed via the Azure portal or other clients such as Azure PowerShell, CLI and REST API.

 

In many cases, you might also want to configure notifications for these alerts - for example, email. To configure notifications, you can leverage Azure Monitor’s Action Groups and Action Rules.

 

  • An Action Group is a collection of notification preferences defined by the owner of an Azure subscription. Azure Monitor alerts use action groups to notify you that an alert has been triggered. Various alerts may use the same action group or different action groups depending on your requirements. As highlighted earlier, Azure Monitor supports a wide range of action groups, including email, ITSM, webhooks, logic apps, and so on. 

 

  • An Action Rule lets you associate alerts to action groups. Action rules provide rich flexibility in allowing you to specify the scope of resources to which an action group should be attached, and the alert scenarios for which notifications should be generated.

 

This article details the steps to configure email notifications for backup alerts using Action Groups and Action Rules. For configuring notifications to other channels, you can refer to the Azure Monitor documentation pages.

 

 

Managing alerts and notifications from Backup center

 

In addition to enabling you to manage the alerts from Azure Monitor dashboard, Azure Backup also provides an alerts management experience tailored to backups via Backup center. This experience provides the following additional benefits:

 

  • Ability to view backup-related alerts at scale across vault.
  • Ability to slice-and-dice alerts by backup-specific properties such as workload type, vault location, etc.
  • Quick visibility into the active backup security alerts that require attention
  • Ability to configure and manage notifications (action rules) for backup alerts from Backup center
  • Actionable interfaces that enable navigation to the virtual machine or storage account that requires attention

 

Aditya_Balaji_0-1631787215960.png

 

 

 

Frequently Asked Questions

Q. What will happen to the earlier backup alerts solution for Recovery services vaults?

A. For a period of time, the earlier backup alerts solution will co-exist with the newer Azure Monitor-based solution. This is meant to provide you sufficient time to familiarize yourself with the new experience. It is recommended to switch to using Action Groups for notifications as Azure Monitor integration is the forward-looking alerting and notification solution for Azure Backup.

Note that the alerts visible in Backup center are all based on the Azure Monitor-based solution. Alerts generated by the earlier solution cannot be viewed in Backup center.

 

Q. Do I have to pay anything to make use of built-in Azure Monitor alerts for Azure Backup?

A. The alerts are fired by default and come at no additional cost. If you choose to configure notifications (action rules) for these alerts, notifications are free up to the limits specified in the free tier. If the volume of notifications falls beyond the free tier, there is a minor cost involved for the additional notifications generated. Refer to this page to learn more about the free tier for notifications and the cost of notifications beyond the free tier.

 

Q. What if I want to create alerts based on custom rules, in addition to the built-in alerts?

A. The Azure Backup team is actively working on enhancements in custom alerting. Write to AskAzureBackupTeam@microsoft.com if you’d like to learn more about the roadmap and the upcoming preview programs!

 

In the meantime, you can always make use of alert rules based on Azure Monitor Logs if you have configured your vaults to send data to a Log Analytics workspace.

 

Resources

Posted at https://sl.advdat.com/3EjyUfP